<!DOCTYPE html>

<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<script type="text/javascript" src="lib/jquery.min.2.1.4.js"></script>
<title>Sql Injection POC</title>
</head>

<body>
	<br>
	<span>SQL Injection POC</span> 
	<div>
	用户名:<input id="data" type="text" name="input" value="user">
		  <input id="btn" value="查询" type="button" onclick="fire()"/>
	</div>
	<div>
	用户名:<input id="data2" type="text" name="input" value="user">
		  <input id="btn" value="查询(长度限制)" type="button" onclick="firelen()"/>
	</div>

</body>
<script type="text/javascript">
    
    function fire(){
    	var inputdata = $("#data").val();
    	$.ajax({
			url: '/query?value='+inputdata, 
            method: 'get',
            success: function (data) {
            	if(data){
					alert(data);
            	}
            },
            error: function (error) {
                alert(error.responseText);
            }
        });
    }
    
    function firelen(){
    	//var host = "http://192.168.241.100:55555/";
    	var inputdata = $("#data2").val();
    	$.ajax({
			//url: host+'/query/maxlen?value='+inputdata, 
			url: '/query/maxlen?value='+inputdata, 
            method: 'get',
            success: function (data) {
            	if(data){
					alert(data);
            	}
            },
            error: function (error) {
                alert(error.responseText);
            }
        });
    }
</script>
</html>

